Biometric access data encryption

ABSTRACT

The present application provides methods and corresponding systems for accessing services on a gaming device which, in certain embodiments, include the step or steps of obtaining at least one item of identity verification data from a user of a gaming device; encrypting the at least one item of identity verification data; comparing the at least one item of encrypted identity verification data received and at least one item of encrypted identity verification data obtained and stored previously on an authentication device; enabling at least one service on the gaming device based on a match between the encrypted identity verification data, the at least one service comprising a wager-type game; and displaying an interface screen comprising graphic objects associated with the wager-type game and at least one selectable element for the user to submit a gaming command and a wagering command during game play.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No. 13/616,588 filed on Sep. 14, 2012 which is a continuation of U.S. patent application Ser. No. 11/559,829 filed on Nov. 14, 2006 (now U.S. Pat. No. 8,645,709 issued on Feb. 4, 2014), which are hereby incorporated by reference herein in their entireties.

RELATED APPLICATIONS

The present application may be considered related to the following U.S. Patent Applications, each of which is incorporated herein by reference in their entirety for the purpose of enablement and written description: Ser. No. 11/406783, filed Apr. 18, 2006; Ser. No. 11/403722, filed on Apr. 12, 2006; Ser. No. 11/397596, filed on Apr. 3, 2006; Ser. No. 11/335253, filed on Jan. 18, 2006; Ser. No. 11/335210, filed on Jan. 18, 2006; Ser. No. 11/334848, filed on Jan. 18, 2006; Ser. No. 11/256568, filed on Oct. 21, 2005; Ser. No. 11/210482, filed on Aug. 24, 2005; Ser. No. 11/201830, filed on Aug. 10, 2005; Ser. No. 11/201812, filed on Aug. 10, 2005; Ser. No. 11/199964, filed on Aug. 9, 2005; Ser. No. 11/199835, filed on Aug. 9, 2005; Ser. No. 11/199831, filed on Aug. 9, 2005; Ser. No. 11/190613, filed on Jul. 26, 2005; Ser. No. 11/172018, filed on Jun. 29, 2005; Ser. No. 11/171809, filed on Jun. 29, 2005; Ser. No. 11/076561, filed on Mar. 9, 2005; Ser. No. 11/063311, filed on Feb. 21, 2005; Ser. No. 11/032724, filed on Jan. 10,2005; Ser. No. 11/022394, filed on Dec. 22, 2004; Ser. No. 11/021848, filed on Dec. 22, 2004; Ser. No. 11/018978, filed on Dec. 21, 2004; Ser. No. 10/983279, filed on Nov. 5, 2004; Ser. No. 10/963399, filed on Oct. 12, 2004; Ser. No. 10/879972, filed on Jun. 28, 2004; Ser. No. 10/836999, filed on Apr. 29, 2004; Ser. No. 10/836975, filed on Apr. 29, 2004; Ser. No. 10/836958, filed on Apr. 29, 2004; Ser. No. 10/836077, filed on Apr. 29, 2004; Ser. No. 10/835995, filed on Apr. 29, 2004; Ser. No. 10/822484, filed on Apr. 12, 2004; Ser. No. 10/816238, filed on Apr. 1, 2004; Ser. No. 10/798106, filed on Mar. 10, 2004; Ser. No. 10/784353, filed on Feb. 23, 2004; Ser. No. 10/771221, filed on Feb. 3, 2004; Ser. No. 10/771076, filed on Feb. 3, 2004; Ser. No. 10/759693, filed on Jan. 15, 2004; Ser. No. 10/687302, filed on Oct. 14, 2003; Ser. No. 10/667923, filed on Sep. 22, 2003; Ser. No. 10/667755, filed on Sep. 22, 2003; Ser. No. 10/654280, filed on Sep. 3, 2003; Ser. No. 10/651537, filed on Aug. 29, 2003; Ser. No. 10/616779, filed on Jul. 10, 2003; Ser. No. 10/453769, filed on Jun. 3, 2003; Ser. No. 10/453761, filed on Jun. 3, 2003; Ser. No. 10/410,197, filed on Apr. 10, 2003; Ser. No. 10/404,043, filed on Apr. 2, 2003; Ser. No. 10/287,332, filed on Nov. 1, 2002; Ser. No. 10/194358, filed on Jul. 12, 2002; Ser. No. 10/194186, filed on Jul. 12, 2002; Ser. No. 10/194019, filed on Jul. 12, 2002; Ser. No. 10/194018, filed on Jul. 12, 2002; Ser. No. 10/193980, filed on Jul. 12, 2002; Ser. No. 10/193978, filed on Jul. 12, 2002; Ser. No. 10/193977, filed on Jul. 12, 2002; Ser. No. 10/193971, filed on Jul. 12, 2002; Ser. No. 10/193817, filed on Jul. 12, 2002; Ser. No. 09/846,025, filed on Apr. 30, 2001; Ser. No. 09/378327, filed on Aug. 20, 1999; and Ser. No. 9/267865, filed on Mar. 12/1999.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 illustrates a gaming system according to at least one embodiment of the systems disclosed herein;

FIG. 2 illustrates a gaming system according to at least one embodiment of the systems disclosed herein;

FIG. 3 illustrates a gaming system according to at least one embodiment of the systems disclosed herein; and

FIG. 4 is a flow chart of a method according to at least one embodiment of the methods disclosed herein.

DETAILED DESCRIPTION OF THE INVENTION

The following sections I-X provide a guide to interpreting the present application.

I. Terms

The term “product” means any machine, manufacture and/or composition of matter, unless expressly specified otherwise.

The term “process” means any process, algorithm, method or the like, unless expressly specified otherwise.

Each process (whether called a method, algorithm or otherwise) inherently includes one or more steps, and therefore all references to a “step” or “steps” of a process have an inherent antecedent basis in the mere recitation of the term ‘process’ or a like term. Accordingly, any reference in a claim to a ‘step’ or ‘steps’ of a process has sufficient antecedent basis.

The term “invention” and the like mean “the one or more inventions disclosed in this application” , unless expressly specified otherwise.

The terms “an embodiment”, “embodiment”, “embodiments”, “the embodiment”, “the embodiments”, “one or more embodiments”, “some embodiments”, “certain embodiments”, “one embodiment”, “another embodiment” and the like mean “one or more (but not all) embodiments of the disclosed invention(s)”, unless expressly specified otherwise.

The term “variation” of an invention means an embodiment of the invention, unless expressly specified otherwise.

A reference to “another embodiment” in describing an embodiment does not imply that the referenced embodiment is mutually exclusive with another embodiment (e.g., an embodiment described before the referenced embodiment), unless expressly specified otherwise.

The terms “including”, “comprising” and variations thereof mean “including but not limited to”, unless expressly specified otherwise.

The terms “a”, “an” and “the” mean “one or more”, unless expressly specified otherwise.

The term “plurality” means “two or more”, unless expressly specified otherwise.

The term “herein” means “in the present application, including anything which may be incorporated by reference”, unless expressly specified otherwise.

The phrase “at least one of”, when such phrase modifies a plurality of things (such as an enumerated list of things) means any combination of one or more of those things, unless expressly specified otherwise. For example, the phrase “at least one of a widget, a car and a wheel” means either (i) a widget, (ii) a car, (iii) a wheel, (iv) a widget and a car, (v) a widget and a wheel, (vi) a car and a wheel, or (vii) a widget, a car and a wheel. The phrase “at least one of”, when such phrase modifies a plurality of things does not mean “one of each of” the plurality of things.

Numerical terms such as “one”, “two”, etc. when used as cardinal numbers to indicate quantity of something (e.g., one widget, two widgets), mean the quantity indicated by that numerical term, but do not mean at least the quantity indicated by that numerical term. For example, the phrase “one widget” does not mean “at least one widget”, and therefore the phrase “one widget” does not cover, e.g., two widgets.

The phrase “based on” does not mean “based only on”, unless expressly specified otherwise. In other words, the phrase “based on” describes both “based only on” and “based at least on”. The phrase “based at least on” is equivalent to the phrase “based at least in part on”.

The term “represent” and like terms are not exclusive, unless expressly specified otherwise. For example, the term “represents” do not mean “represents only”, unless expressly specified otherwise. In other words, the phrase “the data represents a credit card number” describes both “the data represents only a credit card number” and “the data represents a credit card number and the data also represents something else”.

The term “whereby” is used herein only to precede a clause or other set of words that express only the intended result, objective or consequence of something that is previously and explicitly recited. Thus, when the term “whereby” is used in a claim, the clause or other words that the term “whereby” modifies do not establish specific further limitations of the claim or otherwise restricts the meaning or scope of the claim.

The term “e.g.” and like terms mean “for example”, and thus does not limit the term or phrase it explains. For example, in the sentence “the computer sends data (e.g., instructions, a data structure) over the Internet”, the term “e.g.” explains that “instructions” are an example of “data” that the computer may send over the Internet, and also explains that “a data structure” is an example of “data” that the computer may send over the Internet. However, both “instructions” and “a data structure” are merely examples of “data”, and other things besides “instructions” and “a data structure” can be “data”.

The term “respective” and like terms mean “taken individually”. Thus if two or more things have “respective” characteristics, then each such thing has its own characteristic, and these characteristics can be different from each other but need not be. For example, the phrase “each of two machines has a respective function” means that the first such machine has a function and the second such machine has a function as well. The function of the first machine may or may not be the same as the function of the second machine.

The term “i.e.” and like terms mean “that is”, and thus limits the term or phrase it explains. For example, in the sentence “the computer sends data (i.e., instructions) over the Internet”, the term “i.e.” explains that “instructions” are the “data” that the computer sends over the Internet.

Any given numerical range shall include whole and fractions of numbers within the range. For example, the range “1 to 10” shall be interpreted to specifically include whole numbers between 1 and 10 (e.g., 1, 2, 3, 4, . . . 9) and non-whole numbers (e.g., 1.1, 1.2, . . . 1.9).

Where two or more terms or phrases are synonymous (e.g., because of an explicit statement that the terms or phrases are synonymous), instances of one such term/phrase does not mean instances of another such term/phrase must have a different meaning. For example, where a statement renders the meaning of “including” to be synonymous with “including but not limited to”, the mere usage of the phrase “including but not limited to” does not mean that the term “including” means something other than “including but not limited to”.

II. Determining

The term “determining” and grammatical variants thereof (e.g., to determine a price, determining a value, determine an object which meets a certain criterion) is used in an extremely broad sense. The term “determining” encompasses a wide variety of actions and therefore “determining” can include calculating, computing, processing, deriving, investigating, looking up (e.g., looking up in a table, a database or another data structure), ascertaining and the like. Also, “determining” can include receiving (e.g., receiving information), accessing (e.g., accessing data in a memory) and the like. Also, “determining” can include resolving, selecting, choosing, establishing, and the like.

The term “determining” does not imply certainty or absolute precision, and therefore “determining” can include estimating, extrapolating, predicting, guessing and the like.

The term “determining” does not imply that mathematical processing must be performed, and does not imply that numerical methods must be used, and does not imply that an algorithm or process is used.

The term “determining” does not imply that any particular device must be used. For example, a computer need not necessarily perform the determining

III. Forms of Sentences

Where a limitation of a first claim would cover one of a feature as well as more than one of a feature (e.g., a limitation such as “at least one widget” covers one widget as well as more than one widget), and where in a second claim that depends on the first claim, the second claim uses a definite article “the” to refer to the limitation (e.g., “the widget”), this does not imply that the first claim covers only one of the feature, and this does not imply that the second claim covers only one of the feature (e.g., “the widget” can cover both one widget and more than one widget).

When an ordinal number (such as “first”, “second”, “third” and so on) is used as an adjective before a term, that ordinal number is used (unless expressly specified otherwise) merely to indicate a particular feature, such as to distinguish that particular feature from another feature that is described by the same term or by a similar term. For example, a “first widget” may be so named merely to distinguish it from, e.g., a “second widget”. Thus, the mere usage of the ordinal numbers “first” and “second” before the term “widget” does not indicate any other relationship between the two widgets, and likewise does not indicate any other characteristics of either or both widgets. For example, the mere usage of the ordinal numbers “first” and “second” before the term “widget” (1) does not indicate that either widget comes before or after any other in order or location; (2) does not indicate that either widget occurs or acts before or after any other in time; and (3) does not indicate that either widget ranks above or below any other, as in importance or quality. In addition, the mere usage of ordinal numbers does not define a numerical limit to the features identified with the ordinal numbers. For example, the mere usage of the ordinal numbers “first” and “second” before the term “widget” does not indicate that there must be no more than two widgets.

When a single device, article or other product is described herein, more than one device/article (whether or not they cooperate) may alternatively be used in place of the single device/article that is described. Accordingly, the functionality that is described as being possessed by a device may alternatively be possessed by more than one device/article (whether or not they cooperate).

Similarly, where more than one device, article or other product is described herein (whether or not they cooperate), a single device/article may alternatively be used in place of the more than one device or article that is described. For example, a plurality of computer-based devices may be substituted with a single computer-based device. Accordingly, the various functionality that is described as being possessed by more than one device or article may alternatively be possessed by a single device/article.

The functionality and/or the features of a single device that is described may be alternatively embodied by one or more other devices which are described but are not explicitly described as having such functionality/features. Thus, other embodiments need not include the described device itself, but rather can include the one or more other devices which would, in those other embodiments, have such functionality/features.

IV. Disclosed Examples and Terminology Are Not Limiting

Neither the Title (set forth at the beginning of the first page of the present application) nor the Abstract (set forth at the end of the present application) is to be taken as limiting in any way as the scope of the disclosed invention(s). An Abstract has been included in this application merely because an Abstract of not more than 150 words is required under 37 C.F.R. § 1.72(b).

The title of the present application and headings of sections provided in the present application are for convenience only, and are not to be taken as limiting the disclosure in any way.

Numerous embodiments are described in the present application, and are presented for illustrative purposes only. The described embodiments are not, and are not intended to be, limiting in any sense. The presently disclosed invention(s) are widely applicable to numerous embodiments, as is readily apparent from the disclosure. One of ordinary skill in the art will recognize that the disclosed invention(s) may be practiced with various modifications and alterations, such as structural, logical, software, and electrical modifications. Although particular features of the disclosed invention(s) may be described with reference to one or more particular embodiments and/or drawings, it should be understood that such features are not limited to usage in the one or more particular embodiments or drawings with reference to which they are described, unless expressly specified otherwise.

No embodiment of method steps or product elements described in the present application constitutes the invention claimed herein, or is essential to the invention claimed herein, or is coextensive with the invention claimed herein, except where it is either expressly stated to be so in this specification or expressly recited in a claim.

All words in every claim have the broadest scope of meaning they would have been given by a person of ordinary skill in the art as of the priority date. No term used in any claim is specially defined or limited by this application except where expressly so stated either in this specification or in a claim.

The preambles of the claims that follow recite purposes, benefits and possible uses of the claimed invention only and do not limit the claimed invention.

The present disclosure is not a literal description of all embodiments of the invention(s). Also, the present disclosure is not a listing of features of the invention(s) which must be present in all embodiments.

Devices that are described as in communication with each other need not be in continuous communication with each other, unless expressly specified otherwise. On the contrary, such devices need only transmit to each other as necessary or desirable, and may actually refrain from exchanging data most of the time. For example, a machine in communication with another machine via the Internet may not transmit data to the other machine for long period of time (e.g. weeks at a time). In addition, devices that are in communication with each other may communicate directly or indirectly through one or more intermediaries.

A description of an embodiment with several components or features does not imply that all or even any of such components/features are required. On the contrary, a variety of optional components are described to illustrate the wide variety of possible embodiments of the present invention(s). Unless otherwise specified explicitly, no component/feature is essential or required.

Although process steps, algorithms or the like may be described or claimed in a particular sequential order, such processes may be configured to work in different orders. In other words, any sequence or order of steps that may be explicitly described or claimed does not necessarily indicate a requirement that the steps be performed in that order. The steps of processes described herein may be performed in any order possible. Further, some steps may be performed simultaneously despite being described or implied as occurring non-simultaneously (e.g., because one step is described after the other step). Moreover, the illustration of a process by its depiction in a drawing does not imply that the illustrated process is exclusive of other variations and modifications thereto, does not imply that the illustrated process or any of its steps are necessary to the invention(s), and does not imply that the illustrated process is preferred.

Although a process may be described as including a plurality of steps, that does not imply that all or any of the steps are preferred, essential or required. Various other embodiments within the scope of the described invention(s) include other processes that omit some or all of the described steps. Unless otherwise specified explicitly, no step is essential or required.

Although a process may be described singly or without reference to other products or methods, in an embodiment the process may interact with other products or methods. For example, such interaction may include linking one business model to another business model. Such interaction may be provided to enhance the flexibility or desirability of the process.

Although a product may be described as including a plurality of components, aspects, qualities, characteristics and/or features, that does not indicate that any or all of the plurality are preferred, essential or required. Various other embodiments within the scope of the described invention(s) include other products that omit some or all of the described plurality.

An enumerated list of items (which may or may not be numbered) does not imply that any or all of the items are mutually exclusive, unless expressly specified otherwise. Likewise, an enumerated list of items (which may or may not be numbered) does not imply that any or all of the items are comprehensive of any category, unless expressly specified otherwise. For example, the enumerated list “a computer, a laptop, a PDA” does not imply that any or all of the three items of that list are mutually exclusive and does not imply that any or all of the three items of that list are comprehensive of any category.

An enumerated list of items (which may or may not be numbered) does not imply that any or all of the items are equivalent to each other or readily substituted for each other.

All embodiments are illustrative, and do not imply that the invention or any embodiments were made or performed, as the case may be.

V. Computing

It will be readily apparent to one of ordinary skill in the art that the various processes described herein may be implemented by, e.g., appropriately programmed general purpose computers, special purpose computers and computing devices. Typically a processor (e.g., one or more microprocessors, one or more microcontrollers, one or more digital signal processors) will receive instructions (e.g., from a memory or like device), and execute those instructions, thereby performing one or more processes defined by those instructions. Instructions may be embodied in, e.g., a computer program.

A “processor” means one or more microprocessors, central processing units (CPUs), computing devices, microcontrollers, digital signal processors, or like devices or any combination thereof.

Thus a description of a process is likewise a description of an apparatus for performing the process. The apparatus that performs the process can include, e.g., a processor and those input devices and output devices that are appropriate to perform the process.

Further, programs that implement such methods (as well as other types of data) may be stored and transmitted using a variety of media (e.g., computer readable media) in a number of manners. In some embodiments, hard-wired circuitry or custom hardware may be used in place of, or in combination with, some or all of the software instructions that can implement the processes of various embodiments. Thus, various combinations of hardware and software may be used instead of software only.

The term “computer-readable medium” refers to any medium, a plurality of the same, or a combination of different media, that participate in providing data (e.g., instructions, data structures) which may be read by a computer, a processor or a like device. Such a medium may take many forms, including but not limited to, non-volatile media, volatile media, and transmission media. Non-volatile media include, for example, optical or magnetic disks and other persistent memory. Volatile media include dynamic random access memory (DRAM), which typically constitutes the main memory. Transmission media include coaxial cables, copper wire and fiber optics, including the wires that comprise a system bus coupled to the processor. Transmission media may include or convey acoustic waves, light waves and electromagnetic emissions, such as those generated during radio frequency (RF) and infrared (IR) data communications. Common forms of computer-readable media include, for example, a floppy disk, a flexible disk, hard disk, magnetic tape, any other magnetic medium, a CD-ROM, DVD, any other optical medium, punch cards, paper tape, any other physical medium with patterns of holes, a RAM, a PROM, an EPROM, a FLASH-EEPROM, any other memory chip or cartridge, a carrier wave as described hereinafter, or any other medium from which a computer can read.

Various forms of computer readable media may be involved in carrying data (e.g. sequences of instructions) to a processor. For example, data may be (i) delivered from RAM to a processor; (ii) carried over a wireless transmission medium; (iii) formatted and/or transmitted according to numerous formats, standards or protocols, such as Ethernet (or IEEE 802.3), SAP, ATP, Bluetooth™ and TCP/IP, TDMA, CDMA, and 3G; and/or (iv) encrypted to ensure privacy or prevent fraud in any of a variety of ways well known in the art.

Thus a description of a process is likewise a description of a computer-readable medium storing a program for performing the process. The computer-readable medium can store (in any appropriate format) those program elements which are appropriate to perform the method.

Just as the description of various steps in a process does not indicate that all the described steps are required, embodiments of an apparatus include a computer/computing device operable to perform some (but not necessarily all) of the described process.

Likewise, just as the description of various steps in a process does not indicate that all the described steps are required, embodiments of a computer-readable medium storing a program or data structure include a computer-readable medium storing a program that, when executed, can cause a processor to perform some (but not necessarily all) of the described process.

Where databases are described, it will be understood by one of ordinary skill in the art that (i) alternative database structures to those described may be readily employed, and (ii) other memory structures besides databases may be readily employed. Any illustrations or descriptions of any sample databases presented herein are illustrative arrangements for stored representations of information. Any number of other arrangements may be employed besides those suggested by, e.g., tables illustrated in drawings or elsewhere. Similarly, any illustrated entries of the databases represent exemplary information only; one of ordinary skill in the art will understand that the number and content of the entries can be different from those described herein. Further, despite any depiction of the databases as tables, other formats (including relational databases, object-based models and/or distributed databases) could be used to store and manipulate the data types described herein. Likewise, object methods or behaviors of a database can be used to implement various processes, such as the described herein. In addition, the databases may, in a known manner, be stored locally or remotely from a device which accesses data in such a database.

Various embodiments can be configured to work in a network environment including a computer that is in communication (e.g., via a communications network) with one or more devices. The computer may communicate with the devices directly or indirectly, via any wired or wireless medium (e.g. the Internet, LAN, WAN or Ethernet, Token Ring, a telephone line, a cable line, a radio channel, an optical communications line, commercial on-line service providers, bulletin board systems, a satellite communications link, a combination of any of the above). Each of the devices may themselves comprise computers or other computing devices, such as those based on the Intel® Pentium® or Centrino™ processor, that are adapted to communicate with the computer. Any number and type of devices may be in communication with the computer.

In an embodiment, a server computer or centralized authority may not be necessary or desirable. For example, the present invention may, in an embodiment, be practiced on one or more devices without a central authority. In such an embodiment, any functions described herein as performed by the server computer or data described as stored on the server computer may instead be performed by or stored on one or more such devices.

Where a process is described, in an embodiment the process may operate without any user intervention. In another embodiment, the process includes some human intervention (e.g., a step is performed by or with the assistance of a human).

VI. Continuing Applications

The present disclosure provides, to one of ordinary skill in the art, an enabling description of several embodiments and/or inventions. Some of these embodiments and/or inventions may not be claimed in the present application, but may nevertheless be claimed in one or more continuing applications that claim the benefit of priority of the present application.

Applicants intend to file additional applications to pursue patents for subject matter that has been disclosed and enabled but not claimed in the present application.

VII. 35 U.S.C. § 112, paragraph 6

In a claim, a limitation of the claim which includes the phrase “means for” or the phrase “step for” means that 35 U.S.C. § 112, paragraph 6, applies to that limitation.

In a claim, a limitation of the claim which does not include the phrase “means for” or the phrase “step for” means that 35 U.S.C. § 112, paragraph 6 does not apply to that limitation, regardless of whether that limitation recites a function without recitation of structure, material or acts for performing that function. For example, in a claim, the mere use of the phrase “step of” or the phrase “steps of” in referring to one or more steps of the claim or of another claim does not mean that 35 U.S.C. § 112, paragraph 6, applies to that step(s). With respect to a means or a step for performing a specified function in accordance with 35 U.S.C. § 112, paragraph 6, the corresponding structure, material or acts described in the specification, and equivalents thereof, may perform additional functions as well as the specified function.

Computers, processors, computing devices and like products are structures that can perform a wide variety of functions. Such products can be operable to perform a specified function by executing one or more programs, such as a program stored in a memory device of that product or in a memory device which that product accesses. Unless expressly specified otherwise, such a program need not be based on any particular algorithm, such as any particular algorithm that might be disclosed in the present application. It is well known to one of ordinary skill in the art that a specified function may be implemented via different algorithms, and any of a number of different algorithms would be a mere design choice for carrying out the specified function.

Therefore, with respect to a means or a step for performing a specified function in accordance with 35 U.S.C. § 112, paragraph 6, structure corresponding to a specified function includes any product programmed to perform the specified function. Such structure includes programmed products which perform the function, regardless of whether such product is programmed with (i) a disclosed algorithm for performing the function, (ii) an algorithm that is similar to a disclosed algorithm, or (iii) a different algorithm for performing the function.

Where there is recited a means for performing a function hat is a method, one structure for performing this method includes a computing device (e.g., a general purpose computer) that is programmed and/or configured with appropriate hardware to perform that function.

Also includes a computing device (e.g., a general purpose computer) that is programmed and/or configured with appropriate hardware to perform that function via other algorithms as would be understood by one of ordinary skill in the art.

VIII. Disclaimer

Numerous references to a particular embodiment does not indicate a disclaimer or disavowal of additional, different embodiments, and similarly references to the description of embodiments which all include a particular feature does not indicate a disclaimer or disavowal of embodiments which do not include that particular feature. A clear disclaimer or disavowal in the present application shall be prefaced by the phrase “does not include” or by the phrase “cannot perform”.

IX. Incorporation By Reference

Any patent, patent application or other document referred to herein is incorporated by reference into this patent application as part of the present disclosure, but only for purposes of written description in accordance with 35 U.S.C. § 112, paragraph 1 and enablement in accordance with 35 U.S.C. § 112, paragraph 1, and should in no way be used to limit, define, or otherwise construe any term of the present application where the present application, without such incorporation by reference, would not have failed to provide an ascertainable meaning, but rather would have allowed an ascertainable meaning for such term to be provided. Thus, the person of ordinary skill in the art need not have been in any way limited by any embodiments provided in the reference

Any incorporation by reference does not, in and of itself, imply any endorsement of, ratification of or acquiescence in any statements, opinions, arguments or characterizations contained in any incorporated patent, patent application or other document, unless explicitly specified otherwise in this patent application.

X. Prosecution History

In interpreting the present application (which includes the claims), one of ordinary skill in the art shall refer to the prosecution history of the present application, but not to the prosecution history of any other patent or patent application, regardless of whether there are other patent applications that are considered related to the present application, and regardless of whether there are other patent applications that share a claim of priority with the present application.

XI. Overview of Various Embodiments

Referring to FIG. 1, a gaming system 100 according to at least one embodiment of the systems disclosed herein includes at least one computing device, such as a remote computer 118, e.g., a server computer, a gaming device 113, or a combination thereof, which may reside in whole or in part within the domain of a gaming service provider 120. The gaming provider 120 may be the proprietor of a casino and the gaming system 100 may be physically within the geographic boundaries of the casino. Alternatively, the computing device, e.g., the remote computer 118 and/or the gaming device 113, may be the remote from the casino. As such, the gaming system 100 may allow users to engage in gaming services and access the other services disclosed herein from remote and/or mobile locations relative to the gaming service provider 120 or relative to the casino.

The computing device generally includes at least one processor 102, and a memory 104, such as ROM, RAM, FLASH, etc., or any computer readable medium 106, such as a hard drive, a flash-drive, an optical or magnetic disk, etc. The memory 104 or computer readable medium 106 preferably includes software stored thereon that when executed performs one or more steps of the methods disclosed herein, including communicating data back and forth between devices, displaying interface screens, etc. The computing device may also be associated with or have access to one or more databases for retrieving and storing the various types of data discussed herein, including identity verification data, such as an ID and password, physical biometric data, etc., user continuity data, such as behavioral biometric data, proficiency data, player pattern data, etc., and user profile data, such as the user's names, identification number, address, credit or debit card data, account balances, user preferences, device preferences, etc.

In one embodiment, the system 100 includes a plurality of computing device, such as a remote computer 118 coupled to at least one gaming device 113 over a communication network 116, which are generally configured or otherwise capable of transmitting and/or receiving communications to and/or from each other. The term remote in this context merely means that the remote computer 118 and the gaming device are separate from each other. Thus, the devices may be remote even if the devices are located within the same room. As such, the gaming device 113 is preferably configured or otherwise capable of transmitting and/or receiving communications to and/or from the remote computer 118. This may be accomplished with a communication element 124, such as a modem, an Ethernet interface, a transmitter/receiver, etc., that enables communication with a similarly equipped remote computer 118, wirelessly, wired, or a combination thereof. It is understood that the relative functionality described herein may be provided by the remote computer 118, by the gaming device 113, or both, and is thus not limited to any one implementation discussed herein.

The gaming devices 113 may include, without limitation, a mobile phone, PDA, pocket PC, personal computer, as well as any special or general purpose gaming device, such as a slot machine, a video poker machine, video or computer-based versions of table games, e.g., roulette, blackjack, etc. As such, the gaming device 113 preferably includes a processor 122, a memory 123, a display 125, such as a CRT or an LCD monitor, for displaying information and/or graphics associated with the services provided by the gaming system 100, and at least one input device, such as a mouse, a touch-sensitive pad, a pointer, a stylus, a trackball, a button, e.g., alphanumeric, a scroll wheel, a touch-sensitive monitor, etc., or a combination thereof, for users to enter commands and/or information relevant to the gaming system services. With the general purpose type gaming devices 113, such as the PC or PDA, users may access the services provided by the gaming system 100, e.g., the remote computer 118, with a browser or any other generic application, or with special purpose software designed specifically for accessing and providing the services disclosed herein.

In at least one embodiment, the gaming device 113 includes or is otherwise associated with at least one biometric sensor 120. The biometric sensor 120 is any device that is used to determine directly from the user at least one item of biometric data associated with a user, such as a fingerprint reader, an iris scanner, a retinal scanner, a vascular pattern reader, a facial recognition camera, etc. The biometric sensor 120 may be embodied in hardware, software, or a combination thereof. The biometric sensor 120 may further share resources with other components of the gaming device 113, such as the processor 122, memory 123, a camera, a microphone, a speaker, etc. A single biometric sensor 120 may be used for reading more than one type of biometric data. For example, a digital camera may be used to obtain an image of the user's eye for iris scanning and an image of the user's face for facial recognition. In this instance, a single image capture of the user's face may provide the data for facial recognition as well as data for iris or retinal comparisons. The biometric data is generally obtained with the biometric sensor 120 and used at least to verify the identity of the user as a gateway for allowing the user to access the services provided with the gaming device 113 and/or the remote computer 118. In this regard, biometric data may be compared with previously obtained/stored physical biometric data that has preferably been authenticated as being associated with a particular authorized user, and access to the gaming system's services may be provided based on a positive match thereof.

In addition to the physical biometrics discussed above, the biometric sensor 120 may also obtain behavioral biometric data, such as blood pressure, heart or pulse rate, body temperature data, speech, handwriting, keystrokes, body movements, etc. The behavioral biometric data may be analyzed to determine whether there has been a user change or otherwise verify that there has not been a break in user continuity at any time following verification of a user's identify following initial validation with, e.g., the physical biometric data, or ID and password. For example, a user's identity may be verified with a fingerprint reader and access may be provided thereafter to the services provided by the gaming system 100, e.g., for a predetermined period of time or until some predetermined event, such as the gaming device 113 being turned off, the device 113 being moved outside an approved gaming area, etc. The gaming system 100 may thereafter monitor behavioral biometric data with the device and prompt the user for physical biometric data or other identity verification data if it is determined from the behavioral data collected following identity verification that there may have been a change in the users of the device. For example, the user's heart rate or body temperature may be monitored following initial verification to determine if there are any changes in the data stream, e.g., in consecutive data readings, that may be attributed to a change in users, such as a sudden change in heart rate or temperature (either lower or higher) in a relatively short amount of time, e.g., in 5 seconds or less, or a break in the data, e.g., a null reading for one or more consecutive data readings, or a combination thereof.

The behavioral biometric data collected may be analyzed for any recognizable pattern that may indicate a user change. The data collected may be analyzed without reference to data collected previously, e.g. prior to the initial or an immediately preceding identity verification, or based on historic biometric data, e.g., data collected prior to the initial or the immediately preceding identity verification, for particular individuals or for a group of individuals. For example, a heart rate reading either above or below an average heart rate computed based on historic data for an authorized user may trigger the system 100 to prompt the user for identity verification data, such as for a user ID and password, or physical biometric data. A heart rate reading following a null reading in the data stream that is either below or above a heart rate reading before the break in the data stream may also trigger the prompt for identity verification data. Similarly, different peak heart rates in general or keyed to specific gaming events, such as at the time the user places a bet, wins or loses a wager, etc., may also trigger the prompt for identity verification data in order for the user to continue using the services of the system 100. The biometric data for establishing the data stream may be obtained repeatedly, such as continuously, cyclically, periodically, e.g., every second, minute, etc.

Pattern recognition may be applied to user continuity data other than behavioral biometric data, including data indicative of a user's proficiency with the system and/or the services provided by the system. For example the system may track the keystroke rate of a user in general or for particular services, e.g., games, and determine if the keystroke rate of a user following identity verification differs from the keystroke data obtained within the betting session following verification or from data obtained prior to the verification. Other proficiency data may be tracked to determine if there may have been a change in the user of the system 100, such as the rate at which the user navigates through the menus, false selections of menus or menu items, etc. Keystroke data may be mapped or certain events, such as wins or losses, as a measure for reducing false positives as a result of different keystroke rates that may be attributed to user nervousness. In any event, a prompt for identity verification data may also be triggered based on a determination that there may have been a change in the user based on the proficiency data collected.

The gaming system 100 may also verify user continuity by tracking the playing pattern of a user and prompting the user for identity verification data based on gaming commands or requests that deviate or are inconsistent from the playing pattern associated with the user. For example, if the user has a pattern of never having wagered more than $100 on any particular game, the system 100 may prompt the user for verification data, such as physical biometric data, if the user makes a wager of $500 or any appreciable amount above the highest wager, such as 5% or greater than the highest wager. Similarly, the system 100 may track the user's response to wins or losses and prompt the user for identity verification data on any deviation therefrom. For example, a user may establish a pattern of placing a higher wager on every win and lowering the wager on a loss. The system 100 may, upon comparing playing pattern data obtained previously and current playing pattern data and determining therefrom that a wager deviates from the pattern of wagers for the particular authorized user, prompt the user for identity verification data before the user is allowed to continue accessing the services provided by the system 100. Continuity may also be tracked with an authentication device as discussed below.

The system 100 may track the user continuity data, e.g., behavioral biometric, proficiency, playing pattern, as well as any other variable type data obtained from users for a sufficient amount of time to collect a data set for the comparisons discussed above. The amount of data in the data set for the comparison will generally vary based on the type of data and the desired sample set for the comparison. For example, in determining whether there may have been a user change based on a change in consecutive data readings, such as when there is a break in the data stream, the amount of data necessary for the comparison generally includes two consecutive readings: a first reading followed by a second reading having an appreciable value, e.g., 5% or greater, above or below the first reading. Similarly, when the comparison is based on historic data, the amount of data necessary for the comparison includes at least two non-consecutive readings: a first reading at a time to classify the data as historic data, e.g., prior to the then current physical biometric identity verification, and a second more recent reading, e.g., after the then current physical biometric identity verification, having an appreciable value above or below the first reading. It can be appreciated that a larger data set, in certain instances, may yield greater accuracy or less false prompts for additional data (false positives). For example, comparison of a current reading with, e.g., the average of 5 prior readings, may result in less false positives in that the average value will tend to diminish the impact of noise in the data set for the comparison. Alternatively or additionally, the system 100 may filter noise from the data set for the comparison. The system 100 may, for example, filter improbable data, such as temperature readings less 90 degrees F. and greater than 110 degrees F., heart rates less than 40 bpm and greater than 180 bpm, etc.

In one embodiment, the system 100 triggers the prompt for identity verification data based at least on a configurable level of confidence associated with the comparison. The level of confidence may be set, e.g., by a system administrator or by the user. The level of confidence may be set in any manner including by adjusting variables that factor into the confidence or the probability of a false positive or negative, as the case may be, such as the difference between the data that will trigger the prompt for identity verification data, the amount of data in the data set used for the comparison, the filters used to filter noise from the data set for the comparison, etc.

In one embodiment, the system 100 tracks data indicative of a false positive, which may be used as a basis for adjusting variables associated with the data set, the data set filters, the difference between the data that triggers the prompt, etc., and/or algorithms used to trigger the prompt for identity verification data. False positive data generally includes a positive verification of the user's identity in response to a prompt for identity verification data following a trigger. The data indicative of the false positive may further include the amount of time between the prompt and the positive verification, or any other data which may indicate that the positive verification of the user's identity is attributed to a user change back to the authorized user, including the data believed to be suspect.

The data resulting in a false positive, prompting the user for identity verification data, may further be input into a neural network which adjusts the variables associated with the data set, the data set filter, algorithms, etc. accordingly. Similarly, data indicative of true positives may also be input into the neural network. The neural network may be trained using supervised, unsupervised learning, and reinforced learning techniques, or a combination thereof. With supervised techniques, the neural network is supplied sets of example pairs, e.g., data reading(s) and an indication of the data reading(s) is/are false or true positive, and the neural network infers a mapping implied by the data. With unsupervised techniques, the neural network is supplied with data and the neural network derives therefrom a mapping without the aid of the false or true positive indications, such as based on statistical modeling, filtering, blind source separation, clustering, etc. With reinforcement learning, the data is derived generally from interactions within the system and observations made therefrom. In addition to the data resulting in a false positive, any of the data discussed herein may be supplied to the neural network to adjust the size of the data set, vary the data set filter values, the difference between the readings that trigger the prompt, etc., as the case may be, to achieve a desired confidence, such as greater than 85% or greater accuracy. Alternatively or additionally, the data resulting in a false positive maybe fed into a support vector machine, which classifies the data using a supervised machine learning technique. Image type data may further be preprocessed prior to being introduced into the neural network or the support vector machine to create an abstract representation of the image that is dimensionally smaller than the image data. Preprocessing may be performed using statistical techniques, such linear discriminant analysis techniques.

The system 100 may detect various types of errors and may further categorize the types of errors in one of a plurality of categories, such as a type I error, a type II error, etc. The categories may be derived based on the severity of the error or any other characterization scheme. For example, a false identity verification with physical biometric data may be classified as a type I error which has greater weight than a false identity verification with behavioral biometric data classified as a type II error. The manner in which the system 100 responds to errors may be class dependent. In this respect, the system 100 may favor certain classes of errors and respond, e.g., aggressively or favorably, based on the class of the error. For example, the system may block all access with type I errors while providing continued access for type II errors until a configurable tolerance has been crossed. For instance, continued access may be provided until a certain number of type II errors have been registered, e.g., 3 or more type II errors. In this respect, type II errors favor permitting rather than excluding game play in comparison to type I errors. The classification and the threshold maybe be either administrator or user configurable. Additionally, users may be limited to only configuring the classification of certain errors and thresholds more restrictively. For example, users may be limited to only adding default type II errors into type I error class with a more aggressive response that type II errors. Similarly, the user configuration with regard to the threshold may be limited to only reducing the threshold, e.g., to 2 instead of 3 type II errors, before accesses is blocked. All user configurations may be stored in a user profile in one or more databases associated with the gaming system 100. The thresholds and/or classifications may be location specific. For example, the thresholds for certain types of errors while in a hotel restaurant may be relaxed to account for the user engaging in other activity, such as eating.

The gaming system 100 may provide users with access to various types of services including one or more of a plurality of different types of games, e.g., card games; slot-machine style games; craps; other casino-style games; table games, such as poker, craps, roulette, blackjack, baccarat, etc.; the wheel of fortune game; keno; sports betting; horse, dog, or auto racing; jai alai; lottery-type games, including video versions of scratch off lotteries. The system 100 may provide game play based on the outcome of any type of event, such as sporting events and athletic competitions, including football, basketball, baseball, golf, etc., and non-sporting events, such as on the movement in particular financial markets, indexes, or securities, political elections, entertainment industry awards, box office performance of movies, weather events, etc. The games may be provided both with and without wagering, or with simulated wagering using points that may be traded in for prizes. The gaming system 100 may also provide non-gaming services, e.g., on the gaming device 113, such as audio and video entertainment, news, messaging, telephone, IP telephony, etc.

The gaming system 100 may be implemented over any type of communications network 116, such as a local area network (LAN), a wide area network (WAN), the Internet, a telephone network (POTS), a wireless network, including cellular, WiFi, and WiMax networks, or a combination of wired and/or wireless networks. The communications network 116 may be entirely independent of the Internet. The system 100 may alternatively limit the information transmitted over the Internet to that with little or no security risk, or that which has been encrypted.

As noted above, the gaming system 100 may, in certain embodiments, allow users to access services provided by the system from one or more of a plurality of remote locations. The system 100 may also allow users to access the services of the system 100 with the device 113 while mobile or transient. For example, the gaming system 100 may allow users to access services in any location within a service area 148, such as within the vicinity of a hotel. Service area 148 may further be broken down into a plurality of sub-areas 140, 146, such as the casino of a hotel vs. general occupancy areas, e.g., the lobby, the pool, the gym, etc. The service area 148, in the broadest sense, includes any location within the communication capability of the system 100. Thus, service area 148 for services provided over the Internet includes any location with access to the Internet. Similarly, service area 148 for services provided by wireless communication includes any locations within the transmission range of the transmitter and/or reception range of the receiver. The service area 148 may be limited artificially by the system provider and/or the user within certain geographic boundaries. For example, the system provider may limit the service area to within one or more states, cities, municipalities, hotels in a city or municipality, areas within the hotel, such as the casino area, etc., or a combination thereof. Thus, the system 100 may provide services to users in a disjointed area 140, as shown in FIG. 1, where the service provider provides services in one state, such as Nevada, and one or more cities in another state, such as in Atlantic City, N.J., or in any one or more hotels within a city. User defined location access limits may be stored in a user profile in a database associated with the system 100.

Accordingly, in one embodiment, the system 100 has a location verification feature, which is discussed below in greater detail. The location verification feature may be used to permit or block users from accessing the services provided by the system 100 based on the particular location of, e.g., the gaming device 113. For example, services may be enabled when it is determined that the location of the gaming device 113 is within a pre-defined area 140, such as within the area of a hotel that provides the services disclosed herein, or disabled when the device 113 is moved to a location outside of the area 140. The location verification feature may also be used to disable fewer than all of the services of the gaming system 100 based on the location of the device 113. For example, the system 100 may limit wager-type gaming to areas where such gaming is permitted by law, such as to the casino area of a hotel, whereas non-wagering services, such as messaging, may be enabled irrespective of the location of the device 113. Particular services may also be enabled or disabled by the provider and/or the user based on the location of the device. For example, the user may be allowed to disable non-wagering services, such as messaging, when the user is within the wagering area, such as the casino, and/or during certain events, such as when the user is engaged in game play. As with the classification and threshold limitations discussed above, the user may only be allowed to specify more restrictive service limitations and thus may not be able to override certain limitations imposed by the service provider. For example, the user may not be allowed to enable wager-type gaming in areas where that type of gaming is has been disabled by the service provider. The user defined service limitations may be stored in a user profile in a database associated with the system 100.

In one embodiment, the gaming system 100 provides services in at least two areas 140, 146 each of the areas having a different level of surveillance than the other. The level of surveillance may be quantified based on any scheme indicative of the effectiveness with regard to determining whether an authorized user is in fact using the gaming system 100 or that the gaming system 100 is being used properly. The level may be established based on the number of measures implemented in this regard. For example, the level of surveillance for an area using face recognition and human surveillance may be deemed greater than an area with only fingerprint scanning Alternatively or additionally, certain measures may be given greater weight, e.g., based on the reliability of the measure. For example, a fingerprint scan may have a greater reliability or accuracy in verifying the identity of a user than an iris scan. The weight of a particular measure may be independent of its reliability and may simply be based on a subjective confidence in the measure, e.g. of the user or the service provider, relative to other measures. The surveillance level may have nominal designations indicative of overall effectiveness and/or confidence. For example, the level of an area may be classified as being A, B, C, Z; low, medium, high, or as a Type I, II, III, . . . The surveillance level may also be distinguished using finer nominal designations, such as 0% to 100% in increments of 1, 0.1, 0.01, . . .

In one embodiment, the system 100 provides access based on the surveillance level of the area the gaming system 100 is being accessed from, e.g., the location of the gaming device 113. That is, surveillance based access may allow access to one or more services if there is a sufficient level of surveillance, defined by either the system provider and/or the user. In this respect, surveillance based access may be implemented in any one of a number of ways. The system may, for instance, provide wager-type gaming services only if the level of security associated with the access area satisfies a minimum level. For example, a user may limit wager-type gaming with system 100 to areas having no less that a type I surveillance level, such as a casino. Thus, wager-type gaming will be disabled in type II surveillance level or less areas, such as hotel common areas, e.g., the pool, the hotel lobby, and non-common areas, such as hotel rooms.

In one embodiment, the system 100 supplements the surveillance of the area with surveillance measures available with the system 100 to achieve the desired surveillance level. Further to the previous example, the system 100 may increase the surveillance level of type II areas to type I for wager-type gaming by prompting the user for identity verification data and/or collect user continuity data thereby adding to the surveillance level of type II areas sufficient to classify the area with the combined area and device surveillance measures as a type I or better. Thus, the system 100 may allow the user to access services in higher surveillance areas, such as casinos, without biometric data while requiring biometric data with the device in areas with lesser surveillance, such as the hotel courtyard. Surveillance based access limitations may be stored in a user profile in a database associated with the system 100.

As can be appreciated from the present disclosure, the system 100 may maintain a plurality of different types of data, such as physical biometric data, behavioral biometric data, proficiency data, playing pattern data, etc., for identity verification purposes for each authorized user. The system 100 preferably verifies the identity of a user before allowing the user to access at least one of the services provided therewith. In this respect, the system may require that the user submit at least one item of identity verification data, such as an ID and password combination, or any one of the physical biometric data items discussed herein, etc. The system may further require from the user at least one additional item of identity verification data for system access. In this respect, the system maintains at least one item of redundant verification data. The requirement for additional verification data may be implemented in certain but not all instances. For example, additional verification data may be required in certain areas of a hotel, such as those with lesser surveillance or reliability as discussed above. In these areas, the system 100 may prompt the user for a first and a second item of verification data, such as at least two of: a facial image, an iris scan, a retinal scan, a fingerprint scan, a vascular pattern scan, etc., before allowing the user to access the system services. The surveillance level or reliability associated with each of the measures may be added to achieve a desired surveillance level or reliability as indicated above.

The user may generally customize any of the aspects of the services provided by the system 100 or any other customizable aspect of the system 100, including classification and threshold configurations, and service, location, and surveillance based access limits. In certain instances, customization generally allows users to vary the level of security, e.g., above a minimum set by a service provider, to a level based on the user's comfort level and/or the location where services are being accessed. For example, if the user only intends to access the system 100, e.g., the gaming device 113, at a particular casino, the user may configure the system 100 to require biometric data at any time the gaming device is used at a off the premises of the particular casino, e.g., at another casino. This feature may be used to prevent a situation where a thief steals the gaming device 113 and attempts to access services at another casino. The services may be customized for each device 113 individually or for groups of devices.

The system 100 may further be configured to encrypt data, such as the physical biometric data, before it is communicated from the gaming device 113 to the remote computer 118 over network 116 for authentication. In one embodiment, this is accomplished with a one-way encryption algorithm that encrypts, e.g., the identity verification data, to produce a string of alphanumeric characters having a length, such as 100 or greater, from, in certain instances, image data. The string may then be communicated to the remote computer 118 for verification, which is compared with data in the user's profile. The remote computer 118 preferably does not store any identity verification data in the raw form, i.e., unencrypted. Rather, the remote computer stores the post encryption string of characters for the validation. Thus, a match between the string of characters communicated from the device for identity verification and the stored string, within a configurable tolerance, will result in enabling the user to access one or more of the services provided by the system 100. The gaming device 113 may also be configured so that the raw and/or the encrypted identity verification data is not stored permanently and/or to purged or otherwise erased periodically, following validation, when the data is transmitted successfully to the remote computer 113, or at any other time the data is no longer needed for the immediate validation. Therefore, in this instance, the gaming device 113 will be required to obtain and/or encrypt identity verification data anew each time there is a prompt for such data.

As used herein, the term “encryption” refers to a process for obscuring or hiding information so that the information is not readily understandable without special knowledge. The process of encryption may transform raw information, called plaintext, into encrypted information. The encrypted information may be called ciphertext, and the algorithm for transforming the plaintext into ciphertext may be referred to as a cipher. A cipher may also be used for performing the reverse operation of converting the ciphertext back into plaintext. Examples of ciphers include substitution ciphers, transposition ciphers, and ciphers implemented using rotor machines.

In various encryption methods, ciphers may require a supplementary piece of information called a key. A key may consist, for example, of a string of bits. A key may be used in conjunction with a cipher to encrypt plaintext. A key may also be used in conjunction with a cipher to decrypt ciphertext. In a category of ciphers called symmetric key algorithms (e.g., private-key cryptography), the same key is used for both encryption and decryption. The sanctity of the encrypted information may thus depend on the key being kept secret. Examples of symmetric key algorithms are DES and AES. In a category of ciphers called asymmetric key algorithms (e.g., public-key cryptography), different keys are used for encryption and decryption. With an asymmetric key algorithm, any member of the public may use a first key (e.g., a public key) to encrypt plaintext into ciphertext. However, only the holder of a second key (e.g., the private key) will be able to decrypt the ciphertext back in to plaintext. An example of an asymmetric key algorithm is the RSA algorithm.

It will be appreciated that other methods besides encryption may be used to hide or obscure information, such as encoding or steganography. Such methods may also be used in conjunction with cryptography.

Encryption may be used to send a message only specific recipients can read. For example, Alice and Bob may both be in possession of the same secret key. Alice may encrypt a plaintext message with the secret key. She may transmit the resultant ciphertext to Bob. Bob may then decrypt the cyphertext using the secret key so as to view the plaintext version of the message.

Encryption may also allow messages to be encrypted by many and decrypted only one (e.g., PGP). For example, Alice may possess a public and a private key. Bob may wish to send Alice a message that only Alice will be able to read. Bob may create a message in plaintext and encrypt it using Alice's public key. Bob may send the resultant ciphertext to Alice. Alice may then decrypt the ciphertext using her private key, and may thereby view the plaintext message. Should Cindy intercept the ciphertext message on its way from Bob to Alice, Cindy would not be able to decrypt the message since Cindy would not have access to Alice's private key. Alice's public key, although available to Cindy, would not be sufficient to decrypt the ciphertext message in a practicable amount of time.

Encryption may be used to authenticate the sender of a message. This use of encryption may include having the sender create a digital signature. For example, Alice would like to send a message to Bob in such a way that Bob can be confident that the message has come from her. Alice may construct a plaintext message and encrypt the plaintext into ciphertext using her private key. Alice may then send the ciphertext message to Bob. Bob may then use Alice's public key to decrypt the ciphertext back in to plaintext. Since Alice's public key only works to decrypt a ciphertext message created using Alice's private key, and since presumably only Alice has access to her own private key, Bob can be confident that the message originated from Alice.

Encryption may be used to allow for non-repudiation. If a sender has applied a digital signature to a message, or portion of a message, then the sender will not later be able to claim he did not send the message.

Encryption may be used to guarantee a time/data sent, guarantee receipt by recipient, and verify that a message has not been altered after being sent by the sender, as discussed below. See hashing below.

Hashing is a process whereby input data, typically of arbitrary length, is transformed into output data, typically of shorter length and/or of fixed length. A hash function is a function that performs the transformation. Often, useful hash functions will be one-way functions. That is, for a given input, the output can be computed readily. However, for a given output, the input which produced the output will be difficult to calculate. Also, useful hash functions will often have the property that two differing inputs rarely produce the same output. Hashing can be used for the following purposes:

-   -   To perform data redundancy checks. For example, a database may         contain a large number of names The names may be of arbitrary         length. To check for redundant names, hash values for the names         may be created. The hash values may be of smaller size than the         names and may all be of the same length. Thus, it may be easier         to compare the hash values of the names that it will be to         compare the names themselves.     -   To verify that a message has not been altered. For example,         Alice can send a plaintext message to Bob along with a hash         value of the message. Alice can apply a digital signature to the         hash value so as to assure Bob that the hash value has been sent         by Alice. When Bob receives the plaintext message from Alice,         Bob can compute the hash value of the message. If the hash value         that Bob computes is the same as the hash value that Alice has         sent to Bob, then Bob can be fairly confident that the message         has not been altered en route from Alice to Bob.     -   To prove possession of a message without having to reveal the         message. For example, Alice can send a message to Bob. Bob can         take the hash of the message and send it back to Alice. Alice         may thus be assured that Bob has the message without the risk of         the message being intercepted en route from Bob to Alice.     -   To prove possession of a message at a certain time without         having to reveal the message. For example, Alice might have a         great idea and wish to prove she came up with it at a certain         time without having to reveal the idea. Thus, Alice might write         out the idea in the form of text, and take a hash value of the         text. Alice can then publish the hash of the text in a         newspaper. It will then be readily apparent that Alice had         possession of the idea at least on the date of the newspaper's         publication.     -   To timestamp a document. For example, a document may be sent to         a time-stamping service. The service may then determine the hash         value of the document. The service may append the then current         date and time to the hash value of the document and apply a         digital signature to the result. The digitally signed hash value         plus date and time may then be published. So long as the         time-stamping service can be trusted to provide accurate dates         and times (e.g., not to use old dates and times) then the         published timestamp may serve as proof that the document was in         existence as of the date and time provided by the time-stamping         service. Further precautions may ensure that it becomes very         difficult for even the time-stamping service to provide fake         times and dates. For example, the time-stamping service may add         a sequence number, (e.g., 1, 2, 3, etc.) to each document it         timestamps. If the service wishes to provide an old date, the         service would have to find an older sequence number. The older         sequence number would have to fit between two sequence numbers         used immediately before and immediately after the desired fake         date. However, no such sequence number would be available if,         e.g., no numbers had been skipped in the first place.

The system 100 may also disable access thereto with a hard check mechanism. That is, device 113 may include a reader 150 that obtains information from a corresponding authentication device 155. The authentication device 155 may be any item for storing information thereon, such as a card which bears a magnetic strip, such as a credit card, a key that includes an RFID transponder, a limited-distance signal emitter or other transponder, a smart card, a bracelet or wristband which includes a signal transmitter, such as an RFID signal transmitter, or which includes a magnetically encoded signal, a substrate that bears a bar code or other optically readable identifier, or any combination thereof. The reader 150 may be a magnetic strip reader, an RF or infrared receiver, an optical scanner, etc.

The gaming device 113 may therefore be capable of detecting a signal from the authentication device 155 and the system 100 may enable system access based on the signal from the authentication device 155. That is, the gaming device 113 may received encrypted identify verification data from the authentication device 155 for comparison at the gaming device. Continued access may also be conditioned on the gaming device 113 receiving continuing to detect the signal from the authentication device 155. The signal produced by authentication device 155 may additionally or alternatively include information stored on the device 155, such as identity verification data, or any other data that may be used as a key for system access. In one embodiment, the authentication device 155 includes a token that is derived from the authorized user's biometric data, such as the string of alphanumeric characters derived from the user's biometrics. The system 100 may then provide access based on a comparison of the string of characters derived from the biometric sensor reading and the string stored on the authentication device. Alternatively or additionally, the data stored on the authentication device 155 may be used to authenticate the user without other identity verification data. That is, the authentication device data may be given greater weight and may thus be used as the primary data for identity verification.

It is understood that all or some of the data discussed herein may be stored on the authentication device 155 and used as a basis for the comparison with data obtained for identity verification. For example, the device 155 may include physical biometric data, such as fingerprint data, that is compared with fingerprint data received for immediate identity verification. The data used for the comparison may also be limited to being stored to areas only within the user's control, such as areas other than the authentication device 155 and/or the gaming device 113. Validation may therefore be accomplished locally between the gaming device 113 and the authentication device 155; without the transfer of identity verification data to the remote computer 118 for this purpose. Alternatively or additionally, the validation may be accomplished between the remote computer 118 and the authentication device 155.

The functionality disclosed herein may be provided with software that resides on both the gaming communication device 113 and the remote computer 118. Software resident on gaming communication device 113 is preferably operable to present information corresponding to the system services, including wagering and non-wagering type gaming to the user. The information includes, without limitation, graphical and/or textual representations of objects associated with the services, e.g., in one or more interface screens, windows, and/or message boxes, with the presentation of selectable options related to the services, such as menus, icons, buttons, selectable areas, hyperlinks, etc. The gaming device software is also preferably operable to receive data from the remote computer 118 and data input by the user. Software resident on the remote computer 118 is preferably able to exchange data with the gaming device 118, access additional computers, and data storage devices, and perform all of the functions described herein, including providing the backend functionality for the services discussed herein as well those common to gaming systems.

The data discussed herein as being transmitted or used by the various devices of the gaming system 100 may be in any format, which is necessary or desirable for the services provided for the user. The information may be transmitted in whole or in fractional portions thereof, in any format including digital or analog, text or voice, and according to any transport technology, which may include wired or wireless technologies. Wireless technologies may include licensed or license-exempt technologies. Some specific technologies which may be used include, without limitation, Code Division Multiple Access (CDMA), Global System for Mobile Communication (GSM), General Packet Radio Service (GPRS), WiFi (802.11x), WiMax (802.16x), Public Switched Telephone Network (PSTN), Digital Subscriber Line (DSL), Integrated Services Digital Network (ISDN), or cable modem technologies. These are examples only and one of ordinary skill will understand that other types of communication techniques are within the scope of the present invention. Further, it will be understood that additional components may be used in the communication of information between the users and the gaming server. Such additional components may include, without limitation, physical communication lines, trunks, antennas, switches, cables, transmitters, receivers, computers, routers, servers, fiber optical transmission equipment, repeaters, amplifiers, etc.

In at least one embodiment, some or all of the data communication may take place through the Internet or without involvement of the Internet. In certain embodiments, a portion of the information may be transmitted over the Internet while another portion of the information is communicated over a more secure network. For instance, graphic files depicting a roulette table, such as files in .gif or .jpg formats, may be communicated over the Internet while gaming information, such as the results from roulette wheel spin, may be communicated in a parallel network and assembled at the gaming device 113 for display together in a single interface screen. In addition to security considerations, the choice of which of the plurality of networks handle the split data may be based on the bandwidth of the network. Thus, larger graphics files may be transmitted to device 113 over a WiMax network while smaller data files are transmitted over a cellular network.

Referring to FIG. 2, the communication network 116 may be a cellular network 222. Cellular network 222 comprises a plurality of base stations 223, each of which has a corresponding coverage area 225. Base stations may have coverage areas that overlap. Further, the coverage areas may be sectorized or non-sectorized. In the cellular network, the gaming device 113 is generally a mobile station 224, such as a cell phone, that may be transient within the network. The mobile stations 224 communicate with the base stations 223 wirelessly via radio signals. The base stations 223 generally communicate with, e.g., the remote computer 118, over landlines, such as POTS, T1-T3, ISDN, etc. Each base station is preferably programmed to send and receive voice and/or data transmissions to and from mobile station. The gaming device 113 may be coupled to the remote computer 118 with a private label cellular carrier. The mobile stations 224 are preferably preprogrammed with the carrier's authentication software to establish a connection to the cellular network.

In one embodiment, the location verification feature for determining the location of the gaming device 113 does so in relation to the location of at least one of the base stations of the cellular network. That is, the system 100 determines the location of the gaming device 113 based on the location of one or more base stations and the distance and/or the direction (azimuth) of the device 113 from at least one base station. The distance may be determined based on the strength of the transmit signal received from gaming device 113. That is, the gaming system device's transmitter communicates at a fixed transmit power output. The attenuation of the transmit signal is generally a function of the distance between the transmitter and the receiver. Thus, the power of the signal received from the device 113 may be measured at the base station and the distance determined there from, e.g., calculated, or looked up in a database or table that maps distance to signal strength. The direction may be determined based on the azimuth of the antenna receiving the signal from the device 113. Alternatively or additionally, the direction may be determined based on the distance of the device 113 from a plurality of the base stations 223, such as two or three, using techniques, such as triangulation, multilateration, etc., as shown in FIG. 3. Determining the location of the gaming device 113 based on the power level of the signal received form the gaming device is not limited to cellular network. Rather, the process is generally applicable to all types of wireless networks, including satellite, WiFi, GPS, LORAN, RFID, etc., where the location of the base stations are known and the location of the device 113 may be derived based on the distance from the base station.

Referring to FIG. 3, in one embodiment, the location verification feature is implemented using geo-fencing. That is, the location based access features disclosed herein are enforced based on the communication range of base stations in the wireless communication network. For example, the gaming system 100 may communicate with a plurality of gaming devices 354, 355, and 356. Device 354 is shown located outside the gaming jurisdiction or area 358. Devices 355 and 356 are both located inside gaming area 58. However, only device 356 is located within sub-area or geo-fence 357, which is defined by the perimeter of the coverage areas of the plurality of base stations 353. Thus, geo-fencing may be used to enable access for device 356 but disable services for devices 354 and 355. Even though some gaming devices may be within the area 358, such as device 355, those devices may not be allowed to access the gaming system 100 based on its location in relation to geo-fence 357. The base stations may be cellular base stations as discussed above or base stations having a relatively short range, such as WiFi or RFID transmitters/receivers, located within the premises of a hotel. The short-range base stations may, for example, be set up within the service area in a grid pattern, e.g., in the ceiling of a facility, with sufficient separation to determine the location of the device.

Location verification may be implemented with multiple overlapping as well as non-overlapping geo-fences. For example, geo-fence 361 may be defined by the range of fewer than all of the base stations in the network, such as base station 360, which includes all of the base stations in a casino. Geo-fence 360 may be a subset of the area of geo-fence 357 or excluded from area 357, which may include all of the base stations in a hotel. In either event, location based access features, such as classifications, thresholds, services, surveillance, etc., may be geo-fence specific. Geo-fencing may further be combined with triangulation and/or other location verification techniques to determine the specific location of the device within the geo-fence. For example, the location of device 356 may be determined based on triangulation between three of the base stations 353.

Alternatively or additionally, the device 113 may include a global positioning satellite (GPS) chip that determines the location of the device based on signals received from GPS satellites. The GPS chip may stand alone, in which instance the GPS chip sends the GPS location data to other components of the device, such as the processor 122 and/or communication element 124, or part of a single computer chip that combines the function of the GPS chip with the other element.

The location verification feature may generally be implemented with an element, i.e., a location verification element, which is a component of the gaming device 113, the remote computer 118, any intermediary component there between, such as the base station or stations, or a combination thereof. The location verification element may be implemented in hardware, software, or a combination thereof, and generally determines the location of the gaming device 113.

In connection with any of the location determination methods, the gaming system 100 may periodically update the location determination information. This may be done, for example, during a gaming session, at pre-defined time intervals to ensure that movement of the gaming device 113 to an unauthorized area is detected during play, and not just upon login or initial access.

Referring to FIG. 4, a method according to at least one embodiment of the methods disclosed herein begins at 402 with initiating the gaming device 113. Initiation is dependent on the type of the gaming device 113. For example, initiation may simply be turning the device 113 or running an application, such as a browser application or special purpose software. In one embodiment, initiation includes communicating an initiation message from the device 113 to the system 100, e.g., the remote computer 118. The initiation message is generally interpreted by the system 100 as a first request for access. The initiation message may include information therein identifying the device and/or the user, such as a unique device identification number, e.g., for an initial access determination. The unique device identification number may be serial number, a cell-phone number, an IP address, etc.

In one embodiment, the system 100 displays at 404 a first interface screen in response to initiation, such as in response to the initiation message. The first interface screen may be stored locally on the device 113 or communicate over the network 116 to the device 113 for display. The nature of the first interface screen will vary depending on the circumstances. For instance, if the device 113 cannot establish link to the remote computer 113, the first interface screen may contain a message indicating as such. Alternatively, upon successfully establishing the necessary connection, the first interface screen may include at least one form element therein, such as a text box, for the user to enter an ID, a password, or a combination thereof to log into the system 100. The ID and/or password may generally be used as a first level of identity verification and for providing users with user specific customized services. Alternatively or additionally, the customized services may be device specific in which instance the device identification number may be used distinguish the particular device 113 from all other devices in the system.

If at 408 it is determined that the user is new and/or the device has not been activated, the user and the device may at 140 be registered and activated for service, respectively. In one embodiment, the user is registered by receiving at 412 identity verification data, such as a user ID and password, name(s), identification number, address, credit card number(s), physical biometric data, e.g., a fingerprint scan, an iris scan, a retinal scan, a vascular pattern scan, a facial image, etc. The identity verification data may be authenticated with a third party provider, such as the relevant department of motor vehicles, a credit rating agency, etc. User preference information may also be received at 414, such as preference information relating to error classifications and thresholds, location access limits, service limits, surveillance limits, etc. The identity verification data may be encrypted and stored at 416 either with the remote computer 118 or the authentication device 155, as discussed above, and the device 113 may at 417 be activated for service. Once all the requisite and/or desired information is obtained, an appropriate service-type interface screen is displayed at 430.

If at 408 it is determined that the user and/or the device 113 are not new and activated, respectively, the system 100, in one embodiment, determines at 406 the location of the device 113. The location of the device 113 may be determined in a variety of ways, as discussed above. In one embodiment, the location of the device 113 is determined based on the location of at least one base station with which the device 113 is in communication with wirelessly. The base station may be a base station in a cellular network, a local WiFi router, an RFID transponder, etc. The location of the device 113 may simply be an acknowledgement that the device 113 is communicating with at least one base station having a known location. Thus, it can be determined therefrom that the device is within an area defined by the communication range of the at least one base station. Additionally or alternatively, the location of the device 113 may be determined based further on the distance and direction of the device 113 from one or more base stations, e.g., based on the received signal power from the device transmitter. The determination of the device location may also be accomplished with GPS technology. In either instance, the location of the device 113 may be communicated and/or received by the system 10 for use in providing services as discussed herein. The location may be specified in terms of the coordinates, e.g., latitude and longitude, the base station communicating with the device, the class of base station the device is communicating with, e.g., base stations in the casino vs. those in the hotel, base stations in a wagering vs. non-wagering geo-fence areas, etc.

In one embodiment, the system 100 determines at 418 the surveillance level associated with the location of the device 113. This may be accomplished, for instance by looking up the surveillance level in a table that includes surveillance level data mapped to the locations within the service area of the system 100. Alternatively or additionally, the surveillance level may be computed in real-time based on surveillance measures in place at that time.

In one embodiment, the system 100 prompts the user for identity verification data, e.g. physical biometric data, based on the location and/or the surveillance level associated with the location of the device 113. In this instance, the system 100 implements a verification scheme based thereon. That is, the particular type and quantity of identity verification data required to access the services of the system 100 is based on the location and/or surveillance level associated with the location. For example, in a casino area the system 100 may not require any physical biometric verification for access whereas non-casino areas may require physical biometric verification with at least one item of physical biometric data. Similarly, certain common areas outside of the casino, identity verification may require further a second, redundant item of physical biometric data. In the context of the surveillance levels, areas with a type I surveillance may not require physical biometric verification whereas areas with type II surveillance may require at least one item of physical biometric data and areas with type III surveillance may further require at least one redundant item of physical biometric data. As noted above, the system 100 may implement a verification scheme to achieve a target surveillance level. That is, the system 100 may determine the surveillance level of the device location and require identity verification to the extent necessary to meet or exceed the target level. For example, at least one item of redundant verification data may be required to raise type II areas to a target type I. Similarly, at least two items of redundant verification data may be required to raise type III areas to target type I.

Identity verification data may then be compared at 422 with the data stored previously, such as with the remote computer 118 and/or the authentication device 155. If identity verification fails at 424, the system 100 may prompt the user for reentry or additional data. If verification passes, the system 100 may at 426 determine if there are any location based service limits and at 428 determine any applicable user preferences related thereto. That is, the system 100 may determine which of the plurality of available services the user will be provided access to based on the location of the device and/or the surveillance level associated with the location. For example, the system 100 may provide access to all services, such as wagering, entertainment, news, messaging, telephone, IP telephony etc., in the casino, when the device 113 is located within the casino. Similarly, access to all services other than wagering may be provided in all areas. In this respect, the system 100 blocks access to wagering services in certain areas, such as areas outside of the casino.

Following identity verification, a service appropriate interface screen may be displayed for the user at the device 113. That is, the interface screen displayed for the user includes therein selectable options for accessing the enabled services. Non-enabled services will preferably be blacked out. For example, the interface screen may include menu items, icons, hyperlinks, selectable text and graphics, etc., for each of the enabled services that when selected causes a related interface screen to be displayed. As noted above, the system 100 may provide users with access to, e.g., video versions of table games, such as poker. In this instance, a related interface screen may include graphics for video poker, including playing card graphics, betting selections, etc. The interface screens preferably include selectable elements for navigating through the service environment, e.g., for access to other services, and/or selectable elements for submitting gaming and wagering commands, such as hit, stay, hold, draw, bet, bet up, bet down, double down, etc.

In one embodiment, the system 100 obtains data for determining whether or not there has been a user change following the prior identity verification. As discussed above, a user change may be determined based on various types of data, such as behavioral biometric data, e.g., blood pressure, heart or pulse rate, body temperature data, speech, handwriting, keystrokes, body movements, etc., proficiency data, such as keystroke rate, menu item or icon selection rate, player pattern data, e.g., the magnitude and rate of gaming commands, wagering commands, etc. If it is determined at 434 that there may have been a user change since the previous identity verification, the system 100 may prompt the user for identity verification data at 436 or respond based on error classification and thresholds, and repeat identity verification. The system 100 preferably determines if there is a change in the location of the device 113 at 438 and adjusts/enables the services accordingly.

While the foregoing invention has been described in some detail for purposes of clarity and understanding, it will be appreciated by one skilled in the art, from a reading of the disclosure, that various changes in form and detail can be made without departing from the true scope of the invention in the appended claims. 

1. (canceled)
 2. A method comprising: receiving, by at least one computer processor, encrypted identity verification data from a gaming device; comparing, by at least one computer processor, the encrypted identity verification data and previously stored encrypted identity verification data, wherein the encrypted identity verification data received and the previously stored encrypted identity verification data are compared in their encrypted form; enabling, by at least one computer processor, a service on the gaming device based on a match between the encrypted identity verification data, the a service comprising a game; displaying, by at least one computer processor, an interface screen on the gaming device comprising graphic objects associated with the game and at least one selectable element for a user of the gaming device to submit a command during play of the game; obtaining, by at least one computer processor, user continuity data from the gaming device, the user continuity data comprising behavioral data or proficiency data; comparing, by at least one computer processor, the user continuity data to prior user continuity data, wherein the user continuity data comprises a rate at which the user navigates menu items on the interface screen of the gaming device; determining, by at least one computer processor, that the obtained user continuity data is not within a pre-determined level of confidence of the prior user continuity data; and based on the determination that the user continuity data is not within the pre-determined level of confidence of the prior user continuity data, triggering, by at least one computer processor, the display of a prompt on the gaming device.
 3. A method comprising: receiving, by at least one computer processor, identity verification data from a gaming device; encrypting, by at least one computer processor, the identity verification data to generate encrypted identify verification data; comparing, by at least one computer processor, the encrypted identity verification data received and previously stored encrypted identity verification data, wherein the encrypted identity verification data received and the previously stored encrypted identity verification data are compared in their encrypted form; enabling, by at least one computer processor, a service on the gaming device based on a match between the encrypted identity verification data; obtaining, by at least one computer processor, user continuity data from the gaming device, the user continuity data comprising behavioral data or proficiency data; comparing, by at least one computer processor, the user continuity data to prior user continuity data, wherein the user continuity data comprises a rate at which the user navigates menu items on an interface screen of the gaming device; determining, by at least one computer processor, that the obtained user continuity data is not within a pre-determined level of confidence of the prior user continuity data; and based on the determination that the user continuity data is not within the pre-determined level of confidence of the prior user continuity data, triggering, by at least one computer processor, the display of a prompt on the gaming device.
 4. The method of claim 3, wherein the identity verification data comprises at least one item of physical biometric data.
 5. The method of claim 4, wherein the at least one item of physical biometric data comprises at least one of a fingerprint scan, an iris scan, a retina scan, a vascular pattern scan, and a facial image of the user.
 6. The method of claim 3, wherein the identity verification data is encrypted using a one-way encryption algorithm.
 7. The method of claim 3, wherein the identity verification data is encrypted into a string of alphanumeric characters.
 8. The method of claim 3, wherein the identity verification data comprises image data that is encrypted into a string of alphanumeric characters.
 9. The method of claim 3, wherein the identity verification data is encrypted at the device and wherein a remote computer does not store the identity verification data in a raw form.
 10. The method of claim 9, wherein the identity verification data is purged from the device following encryption.
 11. The method of claim 10, wherein the identity verification data is obtained and encrypted at the device for each identity verification.
 12. The method of claim 3, wherein the previously stored encrypted identity verification data is stored on an authentication device.
 13. The method of claim 12, wherein the authentication device comprises at least one of a card with a magnetic strip, an RFID key, a limited distance emitter, a smart card, a bracelet with a signal transmitter, and a substrate with an optically readable identifier.
 14. The method of claim 12, comprising receiving the previously stored encrypted identity verification data from the authentication device and comparing encrypted verification data at the device.
 15. The method of claim 12, wherein, when present, the authentication device is used for identity verification without other identify verification data.
 16. A system comprising: at least one processor; memory storing instructions that, when executed by the at least one processor, configure the system to: receive identity verification data from a gaming device; encrypt the identity verification data; compare encrypted identity verification data to previously stored encrypted identity verification data, wherein the encrypted identity verification data received and the previously stored encrypted identity verification data are compared in their encrypted form; enable a service on the device based on a match between the encrypted identity verification data; obtain user continuity data from the gaming device, the user continuity data comprising behavioral data or proficiency data; compare the user continuity data to prior user continuity data, wherein the continuity data comprises a rate at which the user navigates menu items on an interface screen of the gaming device; determine that the obtained user continuity data is not within a pre-determined level of confidence of the prior user continuity data; and based on the determination that the user continuity data is not within the pre-determined level of confidence of the prior user continuity data, trigger the display of a prompt on the gaming device.
 17. The system of claim 16, wherein the identity verification data is encrypted using a one-way encryption algorithm.
 18. The system of claim 16, wherein the identity verification data is encrypted into a string of alphanumeric characters.
 19. The system of claim 16, wherein the identity verification data comprises image data that is encrypted into a string of alphanumeric characters.
 20. The system of claim 16, wherein the identity verification data is purged from the gaming device following encryption.
 21. The system of claim 16, wherein the identity verification data is obtained and encrypted at the device for each identity verification.
 22. The system of claim 16, wherein encrypted verification data is compared at the device. 